CISA Warns of Active 'Roundcube' Email Attacks

Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.

security

# CISA Warns of Active 'Roundcube' Email Attacks

> Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
>
> ### [... read more](https://nvd.nist.gov/vuln/detail/CVE-2023-43770)

CISA Warns of Active 'Roundcube' Email AttacksCISA Warns of Active 'Roundcube' Email Attacks

... read more ... read more

CISA Warns of Active 'Roundcube' Email AttacksCISA Warns of Active 'Roundcube' Email Attacks

... read more... read more

... read more ... read more